Working Offsets (Mem/Hacks) : EverQuest 2 Nerfed Info

Use winhack to search for ascii strings related to your error message that you want. It's not as good as the old EQ1 file, but it works. Once you find the error message, take the offset that it's at and run a search in dasm for that offset. After that it's just searching backwards for what accesses that offset.

Okay, some questions for pretzel or anyone that knows how to find an offset from scratch.

I can now follow the jmps and actually understand what's going on to a greater extent. Like the Enduring breath and no blur offsets for instance.. I know that the line above the je is a test, so it's testing to see if you have no blur or eb enabled. Then it comes to the jump. By changing the je to a noop then you effectively cancel the jump no matter what the test results are. I think I understand that.. Now we get to what I don't understand.

Let's take the safe fall offset for instance.

dont take fall damage: 4E6FA1 0F 84 90 E9

Now when I look this up in dasm, I get this line:

mov al, byte ptr [ebp+00000125]

Now I can understand the need to change a jmp, or even a cmp to get the necessary effect that I want. If it's a conditional jump, then I would need to change the condition. If it's a cmp then changing the register it's looking at would effect the outcome of that cmp...

But why on earth would I need to change a mov in order to get the ability of safe fall maxed? If it was taking the distance of the fall, wouldn't it push that value and then run a cmp? If it was comparing the distance of the fall with the current skill of safe fall, wouldn't that be a cmp and then a je/ja/ect?

It works, so I know there's gotta be a reason, but damned if I can figure it out.

Help... please?

New Features Coming:

Updated Graphics, Woot!
On/Off Button for each offset. (or most hopefully)
Tooltip's to explain specifically what everything does.
And anything else I can think of




Hey, here's an idea. Possibly have an update button for when the values change, us n00bs just click update and it connects to a server where it can simply change the values of the proggy. It'd be work to find the new values and change them on the server that we'd update from, but hey... I'm sure it can be a perk of the Tault Community.

can anyone find the dist check for trade window? if so i have a few dupe ideas

atrapas wrote:Okay, some questions for pretzel or anyone that knows how to find an offset from scratch.

I can now follow the jmps and actually understand what's going on to a greater extent. Like the Enduring breath and no blur offsets for instance.. I know that the line above the je is a test, so it's testing to see if you have no blur or eb enabled. Then it comes to the jump. By changing the je to a noop then you effectively cancel the jump no matter what the test results are. I think I understand that.. Now we get to what I don't understand.

Let's take the safe fall offset for instance.

dont take fall damage: 4E6FA1 0F 84 90 E9

Now when I look this up in dasm, I get this line:

mov al, byte ptr [ebp+00000125]

Now I can understand the need to change a jmp, or even a cmp to get the necessary effect that I want. If it's a conditional jump, then I would need to change the condition. If it's a cmp then changing the register it's looking at would effect the outcome of that cmp...

But why on earth would I need to change a mov in order to get the ability of safe fall maxed? If it was taking the distance of the fall, wouldn't it push that value and then run a cmp? If it was comparing the distance of the fall with the current skill of safe fall, wouldn't that be a cmp and then a je/ja/ect?

It works, so I know there's gotta be a reason, but damned if I can figure it out.

Help... please?

It is for this precise reason that I prefer Cheat Engine (if only I could figure out how to find the stuff now =P). You can use the disassembler there to follow the code, find what it is that you need to change, and it has a mini-assembler that allows you to type in an opcode (ie: jmp 0E000010) to replace an old one. It will figure out what needs to go into the code there in order to make that opcode. All in all, it's a very nice program.

Aye, I'm using cheat engine here as well. Well, I skip back and forth between that and Winhack these days. What I'm after though is the "reason" it needs to be changed. Knowing how to do something is nice, knowing the how AND the why is better

is the first posted offsets working as of the 2/1 patch still working and would I be able to keep the merchant window of say the noob merchant that sells cheap water open in another society?
and the same for the bak window?
will it be traceable that I am banking in a zone without a banker?

Heffy666

is the first posted offsets working as of the 2/1 patch still working and would I be able to keep the merchant window of say the noob merchant that sells cheap water open in another society?
and the same for the bak window?
will it be traceable that I am banking in a zone without a banker?

Heffy666

once you zone the windows close...

does the show bank command work with this offset sp that I can bank in a zone without banker?

Heffy666

did the offsets change? my broker command doesnt work, just crashes me

Is there any way to keep the market Bulletin Open from apartment so I can macro tradeskill and sell at the same time?

Thanks

where do I find this trainer you talking about? (with on off button) I am an noob using t-serch and havent been able to get the bank window out of range check to work.

Downloaded the trainer, but it seems to not be working. I Ran the Trainer after I had launched EQII. But I’m unsure as to whether or not it’s even functioning. I tried the fall, and blur removal and tested the two and neither of them worked. Maybe I’m missing a step? Do I need anything other than the Trainer to use it?

Also I tried to install Win hack 2.0 ie: wh200.exe, but the program hangs during install and does nothing more, hence why I’m giving the trainer a-go. I would love to try tinkering with the memory registry’s if I could and contribute.